STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system wireless network adapters must be disabled unless approved and documented.

DISA Rule

SV-234847r622137_rule

Vulnerability Number

V-234847

Group Title

SRG-OS-000299-GPOS-00117

Rule Version

SLES-15-010380

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SUSE operating system to disable all wireless network interfaces with the following command:

For each interface of type wireless, bring the interface into "down" state:

> sudo wicked ifdown wlan0

For each interface of type wireless with a configuration type of "compat:suse:", remove the associated file:

> sudo rm /etc/sysconfig/network/ifcfg-wlan0

For each interface of type wireless, for each configuration of type "wicked:xml:", remove the associated file or remove the interface configuration from the file.

> sudo rm /etc/wicked/ifconfig/wlan0.xml

Check Contents

Verify that the SUSE operating system has no wireless network adapters enabled.

Check that there are no wireless interfaces configured on the system with the following command:

> sudo wicked show all

lo up
link: #1, state up
type: loopback
config: compat:suse:/etc/sysconfig/network/ifcfg-lo
leases: ipv4 static granted
leases: ipv6 static granted
addr: ipv4 127.0.0.1/8 [static]
addr: ipv6 ::1/128 [static]

eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr 06:00:00:00:00:01
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 10.0.0.100/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp

wlan0 up
link: #3, state up, mtu 1500
type: wireless, hwaddr 06:00:00:00:00:02
config: wicked:xml:/etc/wicked/ifconfig/wlan0.xml
leases: ipv4 dhcp granted
addr: ipv4 10.0.0.101/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp

If a wireless interface is configured, it must be documented and approved by the local AO.

If a wireless interface is configured and has not been documented and approved, this is a finding.

Vulnerability Number

V-234847

Documentable

False

Rule Version

SLES-15-010380

Severity Override Guidance

Verify that the SUSE operating system has no wireless network adapters enabled.

Check that there are no wireless interfaces configured on the system with the following command:

> sudo wicked show all

lo up
link: #1, state up
type: loopback
config: compat:suse:/etc/sysconfig/network/ifcfg-lo
leases: ipv4 static granted
leases: ipv6 static granted
addr: ipv4 127.0.0.1/8 [static]
addr: ipv6 ::1/128 [static]

eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr 06:00:00:00:00:01
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 10.0.0.100/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp

wlan0 up
link: #3, state up, mtu 1500
type: wireless, hwaddr 06:00:00:00:00:02
config: wicked:xml:/etc/wicked/ifconfig/wlan0.xml
leases: ipv4 dhcp granted
addr: ipv4 10.0.0.101/16 [dhcp]
route: ipv4 default via 10.0.0.1 proto dhcp

If a wireless interface is configured, it must be documented and approved by the local AO.

If a wireless interface is configured and has not been documented and approved, this is a finding.

Check Content Reference

M

Target Key

5274

Comments